Why do Smarsheet webhooks force developers to create webhooks only in a production environment?
In the docs, the following is stated:
- Smartsheet webhooks do not support callbacks to servers using self-signed certificates. The callback server must be using a signed certificate from a certificate authority.
- The callbackURL cannot be a private IP address.
- The callbackURL must use one of the following ports: 443 (default for HTTPS), 8000, 8008, 8080, or 8443.
In other words, you cannot create a webhook in development or testing environments. It seems like there should be a way to do that because creating the hook in production would be horribly inconvenient.
Best Answer
-
The solution to this problem is to use TCP Tunneling.
https://blog.cloud-elements.com/4-options-developing-webhooks
Answers
-
Hey Cameron,
Since web hooks connects to your host over the public Internet, we do require that the host present a certificate issued by a well-known certificate authority. This helps ensure that the web hook is sending data to the right host and that the data is encrypted. While this is more secure, it doesn’t prevent you from setting up web hooks to pre-production environments. It just means that the pre-production environments need to use trusted certificates too. I know some customers using web hooks are using certificates from Let's Encrypt which are free and they have some handy tools to make provisioning certificates easy.
Hope this helps!
—
Scott Willeke
Director of Product Management
Smartsheet
-
Hey Scott, thanks for the response.
So what concerns me is bullet point #2 where it says "The callbackURL cannot be a private IP address". Private IP addresses are used by all applications that run in your development environment. If private IP addresses are the only URL's that you can use in development environment, but sourcetree doesn't allow private IP addresses, I don't see how this will work.
-
Cameron:
As an Internet-based application, our web hooks only connect to hosts over the public Internet. A private IP address cannot be exposed to the public Internet. So using a private IP would be a non-starter for other reasons (e.g. if we allowed private IP addresses it would essentially be connecting to private hosts in our own internal network).
If I'm missing something here that would be better resolved over email, feel free to contact our support team at https://help.smartsheet.com/contact . Although probably not your fastest option, as an alternative you can schedule time with me directly and personally walk through your scenario with you. If you choose to do so, please use the following link to schedule time with me: https://calendly.com/activescott
—
Scott Willeke
Director of Product Management
Smartsheet
-
The solution to this problem is to use TCP Tunneling.
https://blog.cloud-elements.com/4-options-developing-webhooks
Categories
- All Categories
- 14 Welcome to the Community
- Smartsheet Customer Resources
- 64.2K Get Help
- 419 Global Discussions
- 221 Industry Talk
- 461 Announcements
- 4.8K Ideas & Feature Requests
- 143 Brandfolder
- 141 Just for fun
- 58 Community Job Board
- 462 Show & Tell
- 32 Member Spotlight
- 1 SmartStories
- 299 Events
- 38 Webinars
- 7.3K Forum Archives
